|
Home > Archive > microsoft.public.exchange2000.admin > October 2002 > DNS and Exch 2k
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Frank Durham 2002-10-05, 8:39 pm |
| Question for the board..
I have an exchange 2k server in the DMZ that needs to communicate with
servers in the internal/protected network. This server is part of a
Front-End/Bac-End topology. According to the article "Microsoft Exchange
2000 Server Front-End and Back-End" The problem I am having is the exch2k
server finding and getting access to the DC's and GC's. I am using a PIX
Firewall and opened up the necessary ports as well, but when the Exch2k
queries the DNS inside, it returns an internal address to the exch2k server
and the exch2k does not know how to handle that IP since everything is
NATed. My question, is it not recommended to put a DNS server on the exch2k
box and just have the NATed IP addresses on it for this specific purpose?
Frank
| |
| Ed Woodrick 2002-10-05, 8:39 pm |
| Move the machine into the network and you'll be much happier and probably
more secure.
"Frank Durham" <fdurham@nospam.sportsendeavors.com> wrote in message
news:#xjESHPVCHA.2684@tkmsftngp08...
> Question for the board..
>
> I have an exchange 2k server in the DMZ that needs to communicate with
> servers in the internal/protected network. This server is part of a
> Front-End/Bac-End topology. According to the article "Microsoft Exchange
> 2000 Server Front-End and Back-End" The problem I am having is the exch2k
> server finding and getting access to the DC's and GC's. I am using a PIX
> Firewall and opened up the necessary ports as well, but when the Exch2k
> queries the DNS inside, it returns an internal address to the exch2k
server
> and the exch2k does not know how to handle that IP since everything is
> NATed. My question, is it not recommended to put a DNS server on the
exch2k
> box and just have the NATed IP addresses on it for this specific purpose?
>
> Frank
>
>
| |
| Frank Durham 2002-10-05, 8:39 pm |
| Ed-
Can't do that.. That is the purpose of a Front-End and Back End setup. The
Front End sits in the DMZ, while the Back End sits internal.
Frank
"Ed Woodrick" <ewoodrick@ed-com.net.no.spam> wrote in message
news:#UXa2JVVCHA.436@tkmsftngp10...
> Move the machine into the network and you'll be much happier and probably
> more secure.
>
>
> "Frank Durham" <fdurham@nospam.sportsendeavors.com> wrote in message
> news:#xjESHPVCHA.2684@tkmsftngp08...
> > Question for the board..
> >
> > I have an exchange 2k server in the DMZ that needs to communicate with
> > servers in the internal/protected network. This server is part of a
> > Front-End/Bac-End topology. According to the article "Microsoft
Exchange
> > 2000 Server Front-End and Back-End" The problem I am having is the
exch2k
> > server finding and getting access to the DC's and GC's. I am using a
PIX
> > Firewall and opened up the necessary ports as well, but when the Exch2k
> > queries the DNS inside, it returns an internal address to the exch2k
> server
> > and the exch2k does not know how to handle that IP since everything is
> > NATed. My question, is it not recommended to put a DNS server on the
> exch2k
> > box and just have the NATed IP addresses on it for this specific
purpose?
> >
> > Frank
> >
> >
>
>
| |
| Steele 2002-10-05, 8:40 pm |
| If you're only trying to get one address, what about just using a HOST file?
--
IP, Therefore I Am
"Frank Durham" <fdurham@nospam.sportsendeavors.com> wrote in message
news:#xjESHPVCHA.2684@tkmsftngp08...
> Question for the board..
>
> I have an exchange 2k server in the DMZ that needs to communicate with
> servers in the internal/protected network. This server is part of a
> Front-End/Bac-End topology. According to the article "Microsoft Exchange
> 2000 Server Front-End and Back-End" The problem I am having is the exch2k
> server finding and getting access to the DC's and GC's. I am using a PIX
> Firewall and opened up the necessary ports as well, but when the Exch2k
> queries the DNS inside, it returns an internal address to the exch2k
server
> and the exch2k does not know how to handle that IP since everything is
> NATed. My question, is it not recommended to put a DNS server on the
exch2k
> box and just have the NATed IP addresses on it for this specific purpose?
>
> Frank
>
>
|
|
|
|
|